OpenCoverage

kex.c

Absolute File Name:/home/opencoverage/opencoverage/guest-scripts/openssh/src/kex.c
Source codeSwitch to Preprocessed file
LineSourceCount
1/* $OpenBSD: kex.c,v 1.141 2018/07/09 13:37:10 sf Exp $ */-
2/*-
3 * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.-
4 *-
5 * Redistribution and use in source and binary forms, with or without-
6 * modification, are permitted provided that the following conditions-
7 * are met:-
8 * 1. Redistributions of source code must retain the above copyright-
9 * notice, this list of conditions and the following disclaimer.-
10 * 2. Redistributions in binary form must reproduce the above copyright-
11 * notice, this list of conditions and the following disclaimer in the-
12 * documentation and/or other materials provided with the distribution.-
13 *-
14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR-
15 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES-
16 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.-
17 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,-
18 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT-
19 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,-
20 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY-
21 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT-
22 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF-
23 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.-
24 */-
25-
26#include "includes.h"-
27-
28-
29#include <signal.h>-
30#include <stdarg.h>-
31#include <stdio.h>-
32#include <stdlib.h>-
33#include <string.h>-
34-
35#ifdef WITH_OPENSSL-
36#include <openssl/crypto.h>-
37#include <openssl/dh.h>-
38#endif-
39-
40#include "ssh2.h"-
41#include "packet.h"-
42#include "compat.h"-
43#include "cipher.h"-
44#include "sshkey.h"-
45#include "kex.h"-
46#include "log.h"-
47#include "mac.h"-
48#include "match.h"-
49#include "misc.h"-
50#include "dispatch.h"-
51#include "monitor.h"-
52-
53#include "ssherr.h"-
54#include "sshbuf.h"-
55#include "digest.h"-
56-
57/* prototype */-
58static int kex_choose_conf(struct ssh *);-
59static int kex_input_newkeys(int, u_int32_t, struct ssh *);-
60-
61static const char *proposal_names[PROPOSAL_MAX] = {-
62 "KEX algorithms",-
63 "host key algorithms",-
64 "ciphers ctos",-
65 "ciphers stoc",-
66 "MACs ctos",-
67 "MACs stoc",-
68 "compression ctos",-
69 "compression stoc",-
70 "languages ctos",-
71 "languages stoc",-
72};-
73-
74struct kexalg {-
75 char *name;-
76 u_int type;-
77 int ec_nid;-
78 int hash_alg;-
79};-
80static const struct kexalg kexalgs[] = {-
81#ifdef WITH_OPENSSL-
82 { KEX_DH1, KEX_DH_GRP1_SHA1, 0, SSH_DIGEST_SHA1 },-
83 { KEX_DH14_SHA1, KEX_DH_GRP14_SHA1, 0, SSH_DIGEST_SHA1 },-
84 { KEX_DH14_SHA256, KEX_DH_GRP14_SHA256, 0, SSH_DIGEST_SHA256 },-
85 { KEX_DH16_SHA512, KEX_DH_GRP16_SHA512, 0, SSH_DIGEST_SHA512 },-
86 { KEX_DH18_SHA512, KEX_DH_GRP18_SHA512, 0, SSH_DIGEST_SHA512 },-
87 { KEX_DHGEX_SHA1, KEX_DH_GEX_SHA1, 0, SSH_DIGEST_SHA1 },-
88#ifdef HAVE_EVP_SHA256-
89 { KEX_DHGEX_SHA256, KEX_DH_GEX_SHA256, 0, SSH_DIGEST_SHA256 },-
90#endif /* HAVE_EVP_SHA256 */-
91#ifdef OPENSSL_HAS_ECC-
92 { KEX_ECDH_SHA2_NISTP256, KEX_ECDH_SHA2,-
93 NID_X9_62_prime256v1, SSH_DIGEST_SHA256 },-
94 { KEX_ECDH_SHA2_NISTP384, KEX_ECDH_SHA2, NID_secp384r1,-
95 SSH_DIGEST_SHA384 },-
96# ifdef OPENSSL_HAS_NISTP521-
97 { KEX_ECDH_SHA2_NISTP521, KEX_ECDH_SHA2, NID_secp521r1,-
98 SSH_DIGEST_SHA512 },-
99# endif /* OPENSSL_HAS_NISTP521 */-
100#endif /* OPENSSL_HAS_ECC */-
101#endif /* WITH_OPENSSL */-
102#if defined(HAVE_EVP_SHA256) || !defined(WITH_OPENSSL)-
103 { KEX_CURVE25519_SHA256, KEX_C25519_SHA256, 0, SSH_DIGEST_SHA256 },-
104 { KEX_CURVE25519_SHA256_OLD, KEX_C25519_SHA256, 0, SSH_DIGEST_SHA256 },-
105#endif /* HAVE_EVP_SHA256 || !WITH_OPENSSL */-
106 { NULL, -1, -1, -1},-
107};-
108-
109char *-
110kex_alg_list(char sep)-
111{-
112 char *ret = NULL, *tmp;-
113 size_t nlen, rlen = 0;-
114 const struct kexalg *k;-
115-
116 for (k = kexalgs; k->name != NULL; k++) {
k->name != ((void *)0)Description
TRUEevaluated 24 times by 1 test
Evaluated by:
  • sshd
FALSEevaluated 2 times by 1 test
Evaluated by:
  • sshd
2-24
117 if (ret != NULL)
ret != ((void *)0)Description
TRUEevaluated 22 times by 1 test
Evaluated by:
  • sshd
FALSEevaluated 2 times by 1 test
Evaluated by:
  • sshd
2-22
118 ret[rlen++] = sep;
executed 22 times by 1 test: ret[rlen++] = sep;
Executed by:
  • sshd
22
119 nlen = strlen(k->name);-
120 if ((tmp = realloc(ret, rlen + nlen + 2)) == NULL) {
(tmp = realloc...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 24 times by 1 test
Evaluated by:
  • sshd
0-24
121 free(ret);-
122 return NULL;
never executed: return ((void *)0) ;
0
123 }-
124 ret = tmp;-
125 memcpy(ret + rlen, k->name, nlen + 1);-
126 rlen += nlen;-
127 }
executed 24 times by 1 test: end of block
Executed by:
  • sshd
24
128 return ret;
executed 2 times by 1 test: return ret;
Executed by:
  • sshd
2
129}-
130-
131static const struct kexalg *-
132kex_alg_by_name(const char *name)-
133{-
134 const struct kexalg *k;-
135-
136 for (k = kexalgs; k->name != NULL; k++) {
k->name != ((void *)0)Description
TRUEevaluated 2200 times by 1 test
Evaluated by:
  • test_kex
FALSEnever evaluated
0-2200
137 if (strcmp(k->name, name) == 0)
never executed: __result = (((const unsigned char *) (const char *) ( k->name ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
never executed: __result = (((const unsigned char *) (const char *) ( name ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
__extension__ ... )))); }) == 0Description
TRUEevaluated 320 times by 1 test
Evaluated by:
  • test_kex
FALSEevaluated 1880 times by 1 test
Evaluated by:
  • test_kex
__s1_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
0-1880
138 return k;
executed 320 times by 1 test: return k;
Executed by:
  • test_kex
320
139 }
executed 1880 times by 1 test: end of block
Executed by:
  • test_kex
1880
140 return NULL;
never executed: return ((void *)0) ;
0
141}-
142-
143/* Validate KEX method name list */-
144int-
145kex_names_valid(const char *names)-
146{-
147 char *s, *cp, *p;-
148-
149 if (names == NULL || strcmp(names, "") == 0)
never executed: __result = (((const unsigned char *) (const char *) ( names ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
never executed: __result = (((const unsigned char *) (const char *) ( "" ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
names == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
__extension__ ... )))); }) == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
150 return 0;
never executed: return 0;
0
151 if ((s = cp = strdup(names)) == NULL)
never executed: __retval = (char *) memcpy (__retval, names , __len);
(s = cp = (__e...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
__retval != ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
((const char *... ))[0] == '\0'Description
TRUEnever evaluated
FALSEnever evaluated
__builtin_constant_p ( names )Description
TRUEnever evaluated
FALSEnever evaluated
((size_t)(cons... names ) == 1)Description
TRUEnever evaluated
FALSEnever evaluated
0
152 return 0;
never executed: return 0;
0
153 for ((p = strsep(&cp, ",")); p && *p != '\0';
pDescription
TRUEnever evaluated
FALSEnever evaluated
*p != '\0'Description
TRUEnever evaluated
FALSEnever evaluated
0
154 (p = strsep(&cp, ","))) {-
155 if (kex_alg_by_name(p) == NULL) {
kex_alg_by_nam...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
156 error("Unsupported KEX algorithm \"%.100s\"", p);-
157 free(s);-
158 return 0;
never executed: return 0;
0
159 }-
160 }
never executed: end of block
0
161 debug3("kex names ok: [%s]", names);-
162 free(s);-
163 return 1;
never executed: return 1;
0
164}-
165-
166/*-
167 * Concatenate algorithm names, avoiding duplicates in the process.-
168 * Caller must free returned string.-
169 */-
170char *-
171kex_names_cat(const char *a, const char *b)-
172{-
173 char *ret = NULL, *tmp = NULL, *cp, *p, *m;-
174 size_t len;-
175-
176 if (a == NULL || *a == '\0')
a == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
*a == '\0'Description
TRUEnever evaluated
FALSEnever evaluated
0
177 return strdup(b);
never executed: return (__extension__ (__builtin_constant_p ( b ) && ((size_t)(const void *)(( b ) + 1) - (size_t)(const void *)( b ) == 1) ? (((const char *) ( b ))[0] == '\0' ? (char *) calloc ((size_t) 1, (size_t) 1) : ({ size_t __len = strlen ( b ) + 1; char *__retval = (char *) malloc (__len); if (__retval != ((void *)0)) __retval = (char *) memcpy (__retval, b , __len); __retval; })) : __strdup ( b ))) ;
never executed: __retval = (char *) memcpy (__retval, b , __len);
__retval != ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
((const char *... ))[0] == '\0'Description
TRUEnever evaluated
FALSEnever evaluated
__builtin_constant_p ( b )Description
TRUEnever evaluated
FALSEnever evaluated
((size_t)(cons... *)( b ) == 1)Description
TRUEnever evaluated
FALSEnever evaluated
0
178 if (b == NULL || *b == '\0')
b == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
*b == '\0'Description
TRUEnever evaluated
FALSEnever evaluated
0
179 return strdup(a);
never executed: return (__extension__ (__builtin_constant_p ( a ) && ((size_t)(const void *)(( a ) + 1) - (size_t)(const void *)( a ) == 1) ? (((const char *) ( a ))[0] == '\0' ? (char *) calloc ((size_t) 1, (size_t) 1) : ({ size_t __len = strlen ( a ) + 1; char *__retval = (char *) malloc (__len); if (__retval != ((void *)0)) __retval = (char *) memcpy (__retval, a , __len); __retval; })) : __strdup ( a ))) ;
never executed: __retval = (char *) memcpy (__retval, a , __len);
__retval != ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
((const char *... ))[0] == '\0'Description
TRUEnever evaluated
FALSEnever evaluated
__builtin_constant_p ( a )Description
TRUEnever evaluated
FALSEnever evaluated
((size_t)(cons... *)( a ) == 1)Description
TRUEnever evaluated
FALSEnever evaluated
0
180 if (strlen(b) > 1024*1024)
strlen(b) > 1024*1024Description
TRUEnever evaluated
FALSEnever evaluated
0
181 return NULL;
never executed: return ((void *)0) ;
0
182 len = strlen(a) + strlen(b) + 2;-
183 if ((tmp = cp = strdup(b)) == NULL ||
never executed: __retval = (char *) memcpy (__retval, b , __len);
__retval != ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
((const char *... ))[0] == '\0'Description
TRUEnever evaluated
FALSEnever evaluated
(tmp = cp = (_...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
__builtin_constant_p ( b )Description
TRUEnever evaluated
FALSEnever evaluated
((size_t)(cons... *)( b ) == 1)Description
TRUEnever evaluated
FALSEnever evaluated
0
184 (ret = calloc(1, len)) == NULL) {
(ret = calloc(...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
185 free(tmp);-
186 return NULL;
never executed: return ((void *)0) ;
0
187 }-
188 strlcpy(ret, a, len);-
189 for ((p = strsep(&cp, ",")); p && *p != '\0'; (p = strsep(&cp, ","))) {
pDescription
TRUEnever evaluated
FALSEnever evaluated
*p != '\0'Description
TRUEnever evaluated
FALSEnever evaluated
0
190 if ((m = match_list(ret, p, NULL)) != NULL) {
(m = match_lis...!= ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
191 free(m);-
192 continue; /* Algorithm already present */
never executed: continue;
0
193 }-
194 if (strlcat(ret, ",", len) >= len ||
strlcat(ret, ",", len) >= lenDescription
TRUEnever evaluated
FALSEnever evaluated
0
195 strlcat(ret, p, len) >= len) {
strlcat(ret, p, len) >= lenDescription
TRUEnever evaluated
FALSEnever evaluated
0
196 free(tmp);-
197 free(ret);-
198 return NULL; /* Shouldn't happen */
never executed: return ((void *)0) ;
0
199 }-
200 }
never executed: end of block
0
201 free(tmp);-
202 return ret;
never executed: return ret;
0
203}-
204-
205/*-
206 * Assemble a list of algorithms from a default list and a string from a-
207 * configuration file. The user-provided string may begin with '+' to-
208 * indicate that it should be appended to the default or '-' that the-
209 * specified names should be removed.-
210 */-
211int-
212kex_assemble_names(char **listp, const char *def, const char *all)-
213{-
214 char *cp, *tmp, *patterns;-
215 char *list = NULL, *ret = NULL, *matching = NULL, *opatterns = NULL;-
216 int r = SSH_ERR_INTERNAL_ERROR;-
217-
218 if (listp == NULL || *listp == NULL || **listp == '\0') {
listp == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 14 times by 1 test
Evaluated by:
  • sshd
*listp == ((void *)0)Description
TRUEevaluated 14 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
**listp == '\0'Description
TRUEnever evaluated
FALSEnever evaluated
0-14
219 if ((*listp = strdup(def)) == NULL)
never executed: __retval = (char *) memcpy (__retval, def , __len);
(*listp = (__e...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 14 times by 1 test
Evaluated by:
  • sshd
__retval != ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
((const char *... ))[0] == '\0'Description
TRUEnever evaluated
FALSEnever evaluated
__builtin_constant_p ( def )Description
TRUEnever evaluated
FALSEevaluated 14 times by 1 test
Evaluated by:
  • sshd
((size_t)(cons...)( def ) == 1)Description
TRUEnever evaluated
FALSEnever evaluated
0-14
220 return SSH_ERR_ALLOC_FAIL;
never executed: return -2;
0
221 return 0;
executed 14 times by 1 test: return 0;
Executed by:
  • sshd
14
222 }-
223-
224 list = *listp;-
225 *listp = NULL;-
226 if (*list == '+') {
*list == '+'Description
TRUEnever evaluated
FALSEnever evaluated
0
227 /* Append names to default list */-
228 if ((tmp = kex_names_cat(def, list + 1)) == NULL) {
(tmp = kex_nam...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
229 r = SSH_ERR_ALLOC_FAIL;-
230 goto fail;
never executed: goto fail;
0
231 }-
232 free(list);-
233 list = tmp;-
234 } else if (*list == '-') {
never executed: end of block
*list == '-'Description
TRUEnever evaluated
FALSEnever evaluated
0
235 /* Remove names from default list */-
236 if ((*listp = match_filter_blacklist(def, list + 1)) == NULL) {
(*listp = matc...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
237 r = SSH_ERR_ALLOC_FAIL;-
238 goto fail;
never executed: goto fail;
0
239 }-
240 free(list);-
241 /* filtering has already been done */-
242 return 0;
never executed: return 0;
0
243 } else {-
244 /* Explicit list, overrides default - just use "list" as is */-
245 }
never executed: end of block
0
246-
247 /*-
248 * The supplied names may be a pattern-list. For the -list case,-
249 * the patterns are applied above. For the +list and explicit list-
250 * cases we need to do it now.-
251 */-
252 ret = NULL;-
253 if ((patterns = opatterns = strdup(list)) == NULL) {
never executed: __retval = (char *) memcpy (__retval, list , __len);
(patterns = op...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
__retval != ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
((const char *... ))[0] == '\0'Description
TRUEnever evaluated
FALSEnever evaluated
__builtin_constant_p ( list )Description
TRUEnever evaluated
FALSEnever evaluated
((size_t)(cons...( list ) == 1)Description
TRUEnever evaluated
FALSEnever evaluated
0
254 r = SSH_ERR_ALLOC_FAIL;-
255 goto fail;
never executed: goto fail;
0
256 }-
257 /* Apply positive (i.e. non-negated) patterns from the list */-
258 while ((cp = strsep(&patterns, ",")) != NULL) {
(cp = __extens...!= ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
259 if (*cp == '!') {
*cp == '!'Description
TRUEnever evaluated
FALSEnever evaluated
0
260 /* negated matches are not supported here */-
261 r = SSH_ERR_INVALID_ARGUMENT;-
262 goto fail;
never executed: goto fail;
0
263 }-
264 free(matching);-
265 if ((matching = match_filter_whitelist(all, cp)) == NULL) {
(matching = ma...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
266 r = SSH_ERR_ALLOC_FAIL;-
267 goto fail;
never executed: goto fail;
0
268 }-
269 if ((tmp = kex_names_cat(ret, matching)) == NULL) {
(tmp = kex_nam...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
270 r = SSH_ERR_ALLOC_FAIL;-
271 goto fail;
never executed: goto fail;
0
272 }-
273 free(ret);-
274 ret = tmp;-
275 }
never executed: end of block
0
276 if (ret == NULL || *ret == '\0') {
ret == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
*ret == '\0'Description
TRUEnever evaluated
FALSEnever evaluated
0
277 /* An empty name-list is an error */-
278 /* XXX better error code? */-
279 r = SSH_ERR_INVALID_ARGUMENT;-
280 goto fail;
never executed: goto fail;
0
281 }-
282-
283 /* success */-
284 *listp = ret;-
285 ret = NULL;-
286 r = 0;-
287-
288 fail:
code before this statement never executed: fail:
0
289 free(matching);-
290 free(opatterns);-
291 free(list);-
292 free(ret);-
293 return r;
never executed: return r;
0
294}-
295-
296/* put algorithm proposal into buffer */-
297int-
298kex_prop2buf(struct sshbuf *b, char *proposal[PROPOSAL_MAX])-
299{-
300 u_int i;-
301 int r;-
302-
303 sshbuf_reset(b);-
304-
305 /*-
306 * add a dummy cookie, the cookie will be overwritten by-
307 * kex_send_kexinit(), each time a kexinit is set-
308 */-
309 for (i = 0; i < KEX_COOKIE_LEN; i++) {
i < 16Description
TRUEevaluated 2560 times by 1 test
Evaluated by:
  • test_kex
FALSEevaluated 160 times by 1 test
Evaluated by:
  • test_kex
160-2560
310 if ((r = sshbuf_put_u8(b, 0)) != 0)
(r = sshbuf_put_u8(b, 0)) != 0Description
TRUEnever evaluated
FALSEevaluated 2560 times by 1 test
Evaluated by:
  • test_kex
0-2560
311 return r;
never executed: return r;
0
312 }
executed 2560 times by 1 test: end of block
Executed by:
  • test_kex
2560
313 for (i = 0; i < PROPOSAL_MAX; i++) {
i < PROPOSAL_MAXDescription
TRUEevaluated 1600 times by 1 test
Evaluated by:
  • test_kex
FALSEevaluated 160 times by 1 test
Evaluated by:
  • test_kex
160-1600
314 if ((r = sshbuf_put_cstring(b, proposal[i])) != 0)
(r = sshbuf_pu...osal[i])) != 0Description
TRUEnever evaluated
FALSEevaluated 1600 times by 1 test
Evaluated by:
  • test_kex
0-1600
315 return r;
never executed: return r;
0
316 }
executed 1600 times by 1 test: end of block
Executed by:
  • test_kex
1600
317 if ((r = sshbuf_put_u8(b, 0)) != 0 || /* first_kex_packet_follows */
(r = sshbuf_put_u8(b, 0)) != 0Description
TRUEnever evaluated
FALSEevaluated 160 times by 1 test
Evaluated by:
  • test_kex
0-160
318 (r = sshbuf_put_u32(b, 0)) != 0) /* uint32 reserved */
(r = sshbuf_pu...32(b, 0)) != 0Description
TRUEnever evaluated
FALSEevaluated 160 times by 1 test
Evaluated by:
  • test_kex
0-160
319 return r;
never executed: return r;
0
320 return 0;
executed 160 times by 1 test: return 0;
Executed by:
  • test_kex
160
321}-
322-
323/* parse buffer and return algorithm proposal */-
324int-
325kex_buf2prop(struct sshbuf *raw, int *first_kex_follows, char ***propp)-
326{-
327 struct sshbuf *b = NULL;-
328 u_char v;-
329 u_int i;-
330 char **proposal = NULL;-
331 int r;-
332-
333 *propp = NULL;-
334 if ((proposal = calloc(PROPOSAL_MAX, sizeof(char *))) == NULL)
(proposal = ca...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 704 times by 1 test
Evaluated by:
  • test_kex
0-704
335 return SSH_ERR_ALLOC_FAIL;
never executed: return -2;
0
336 if ((b = sshbuf_fromb(raw)) == NULL) {
(b = sshbuf_fr...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 704 times by 1 test
Evaluated by:
  • test_kex
0-704
337 r = SSH_ERR_ALLOC_FAIL;-
338 goto out;
never executed: goto out;
0
339 }-
340 if ((r = sshbuf_consume(b, KEX_COOKIE_LEN)) != 0) /* skip cookie */
(r = sshbuf_co...e(b, 16)) != 0Description
TRUEnever evaluated
FALSEevaluated 704 times by 1 test
Evaluated by:
  • test_kex
0-704
341 goto out;
never executed: goto out;
0
342 /* extract kex init proposal strings */-
343 for (i = 0; i < PROPOSAL_MAX; i++) {
i < PROPOSAL_MAXDescription
TRUEevaluated 7040 times by 1 test
Evaluated by:
  • test_kex
FALSEevaluated 704 times by 1 test
Evaluated by:
  • test_kex
704-7040
344 if ((r = sshbuf_get_cstring(b, &(proposal[i]), NULL)) != 0)
(r = sshbuf_ge...d *)0) )) != 0Description
TRUEnever evaluated
FALSEevaluated 7040 times by 1 test
Evaluated by:
  • test_kex
0-7040
345 goto out;
never executed: goto out;
0
346 debug2("%s: %s", proposal_names[i], proposal[i]);-
347 }
executed 7040 times by 1 test: end of block
Executed by:
  • test_kex
7040
348 /* first kex follows / reserved */-
349 if ((r = sshbuf_get_u8(b, &v)) != 0 || /* first_kex_follows */
(r = sshbuf_ge...8(b, &v)) != 0Description
TRUEnever evaluated
FALSEevaluated 704 times by 1 test
Evaluated by:
  • test_kex
0-704
350 (r = sshbuf_get_u32(b, &i)) != 0) /* reserved */
(r = sshbuf_ge...2(b, &i)) != 0Description
TRUEnever evaluated
FALSEevaluated 704 times by 1 test
Evaluated by:
  • test_kex
0-704
351 goto out;
never executed: goto out;
0
352 if (first_kex_follows != NULL)
first_kex_foll...!= ((void *)0)Description
TRUEevaluated 320 times by 1 test
Evaluated by:
  • test_kex
FALSEevaluated 384 times by 1 test
Evaluated by:
  • test_kex
320-384
353 *first_kex_follows = v;
executed 320 times by 1 test: *first_kex_follows = v;
Executed by:
  • test_kex
320
354 debug2("first_kex_follows %d ", v);-
355 debug2("reserved %u ", i);-
356 r = 0;-
357 *propp = proposal;-
358 out:
code before this statement executed 704 times by 1 test: out:
Executed by:
  • test_kex
704
359 if (r != 0 && proposal != NULL)
r != 0Description
TRUEnever evaluated
FALSEevaluated 704 times by 1 test
Evaluated by:
  • test_kex
proposal != ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0-704
360 kex_prop_free(proposal);
never executed: kex_prop_free(proposal);
0
361 sshbuf_free(b);-
362 return r;
executed 704 times by 1 test: return r;
Executed by:
  • test_kex
704
363}-
364-
365void-
366kex_prop_free(char **proposal)-
367{-
368 u_int i;-
369-
370 if (proposal == NULL)
proposal == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 704 times by 1 test
Evaluated by:
  • test_kex
0-704
371 return;
never executed: return;
0
372 for (i = 0; i < PROPOSAL_MAX; i++)
i < PROPOSAL_MAXDescription
TRUEevaluated 7040 times by 1 test
Evaluated by:
  • test_kex
FALSEevaluated 704 times by 1 test
Evaluated by:
  • test_kex
704-7040
373 free(proposal[i]);
executed 7040 times by 1 test: free(proposal[i]);
Executed by:
  • test_kex
7040
374 free(proposal);-
375}
executed 704 times by 1 test: end of block
Executed by:
  • test_kex
704
376-
377/* ARGSUSED */-
378static int-
379kex_protocol_error(int type, u_int32_t seq, struct ssh *ssh)-
380{-
381 int r;-
382-
383 error("kex protocol error: type %d seq %u", type, seq);-
384 if ((r = sshpkt_start(ssh, SSH2_MSG_UNIMPLEMENTED)) != 0 ||
(r = sshpkt_st...(ssh, 3)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
385 (r = sshpkt_put_u32(ssh, seq)) != 0 ||
(r = sshpkt_pu...sh, seq)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
386 (r = sshpkt_send(ssh)) != 0)
(r = sshpkt_send(ssh)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
387 return r;
never executed: return r;
0
388 return 0;
never executed: return 0;
0
389}-
390-
391static void-
392kex_reset_dispatch(struct ssh *ssh)-
393{-
394 ssh_dispatch_range(ssh, SSH2_MSG_TRANSPORT_MIN,-
395 SSH2_MSG_TRANSPORT_MAX, &kex_protocol_error);-
396}
executed 416 times by 1 test: end of block
Executed by:
  • test_kex
416
397-
398static int-
399kex_send_ext_info(struct ssh *ssh)-
400{-
401 int r;-
402 char *algs;-
403-
404 if ((algs = sshkey_alg_list(0, 1, 1, ',')) == NULL)
(algs = sshkey...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
405 return SSH_ERR_ALLOC_FAIL;
never executed: return -2;
0
406 /* XXX filter algs list by allowed pubkey/hostbased types */-
407 if ((r = sshpkt_start(ssh, SSH2_MSG_EXT_INFO)) != 0 ||
(r = sshpkt_st...(ssh, 7)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
408 (r = sshpkt_put_u32(ssh, 1)) != 0 ||
(r = sshpkt_pu...(ssh, 1)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
409 (r = sshpkt_put_cstring(ssh, "server-sig-algs")) != 0 ||
(r = sshpkt_pu...g-algs")) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
410 (r = sshpkt_put_cstring(ssh, algs)) != 0 ||
(r = sshpkt_pu...h, algs)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
411 (r = sshpkt_send(ssh)) != 0)
(r = sshpkt_send(ssh)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
412 goto out;
never executed: goto out;
0
413 /* success */-
414 r = 0;-
415 out:
code before this statement never executed: out:
0
416 free(algs);-
417 return r;
never executed: return r;
0
418}-
419-
420int-
421kex_send_newkeys(struct ssh *ssh)-
422{-
423 int r;-
424-
425 kex_reset_dispatch(ssh);-
426 if ((r = sshpkt_start(ssh, SSH2_MSG_NEWKEYS)) != 0 ||
(r = sshpkt_st...ssh, 21)) != 0Description
TRUEnever evaluated
FALSEevaluated 320 times by 1 test
Evaluated by:
  • test_kex
0-320
427 (r = sshpkt_send(ssh)) != 0)
(r = sshpkt_send(ssh)) != 0Description
TRUEnever evaluated
FALSEevaluated 320 times by 1 test
Evaluated by:
  • test_kex
0-320
428 return r;
never executed: return r;
0
429 debug("SSH2_MSG_NEWKEYS sent");-
430 debug("expecting SSH2_MSG_NEWKEYS");-
431 ssh_dispatch_set(ssh, SSH2_MSG_NEWKEYS, &kex_input_newkeys);-
432 if (ssh->kex->ext_info_c)
ssh->kex->ext_info_cDescription
TRUEnever evaluated
FALSEevaluated 320 times by 1 test
Evaluated by:
  • test_kex
0-320
433 if ((r = kex_send_ext_info(ssh)) != 0)
(r = kex_send_...nfo(ssh)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
434 return r;
never executed: return r;
0
435 return 0;
executed 320 times by 1 test: return 0;
Executed by:
  • test_kex
320
436}-
437-
438int-
439kex_input_ext_info(int type, u_int32_t seq, struct ssh *ssh)-
440{-
441 struct kex *kex = ssh->kex;-
442 u_int32_t i, ninfo;-
443 char *name;-
444 u_char *val;-
445 size_t vlen;-
446 int r;-
447-
448 debug("SSH2_MSG_EXT_INFO received");-
449 ssh_dispatch_set(ssh, SSH2_MSG_EXT_INFO, &kex_protocol_error);-
450 if ((r = sshpkt_get_u32(ssh, &ninfo)) != 0)
(r = sshpkt_ge... &ninfo)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
451 return r;
never executed: return r;
0
452 for (i = 0; i < ninfo; i++) {
i < ninfoDescription
TRUEnever evaluated
FALSEnever evaluated
0
453 if ((r = sshpkt_get_cstring(ssh, &name, NULL)) != 0)
(r = sshpkt_ge...d *)0) )) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
454 return r;
never executed: return r;
0
455 if ((r = sshpkt_get_string(ssh, &val, &vlen)) != 0) {
(r = sshpkt_ge..., &vlen)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
456 free(name);-
457 return r;
never executed: return r;
0
458 }-
459 if (strcmp(name, "server-sig-algs") == 0) {
never executed: __result = (((const unsigned char *) (const char *) ( name ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
never executed: __result = (((const unsigned char *) (const char *) ( "server-sig-algs" ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
__extension__ ... )))); }) == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
460 /* Ensure no \0 lurking in value */-
461 if (memchr(val, '\0', vlen) != NULL) {
memchr(val, '\...!= ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
462 error("%s: nul byte in %s", __func__, name);-
463 return SSH_ERR_INVALID_FORMAT;
never executed: return -4;
0
464 }-
465 debug("%s: %s=<%s>", __func__, name, val);-
466 kex->server_sig_algs = val;-
467 val = NULL;-
468 } else
never executed: end of block
0
469 debug("%s: %s (unrecognised)", __func__, name);
never executed: debug("%s: %s (unrecognised)", __func__, name);
0
470 free(name);-
471 free(val);-
472 }
never executed: end of block
0
473 return sshpkt_get_end(ssh);
never executed: return sshpkt_get_end(ssh);
0
474}-
475-
476static int-
477kex_input_newkeys(int type, u_int32_t seq, struct ssh *ssh)-
478{-
479 struct kex *kex = ssh->kex;-
480 int r;-
481-
482 debug("SSH2_MSG_NEWKEYS received");-
483 ssh_dispatch_set(ssh, SSH2_MSG_NEWKEYS, &kex_protocol_error);-
484 ssh_dispatch_set(ssh, SSH2_MSG_KEXINIT, &kex_input_kexinit);-
485 if ((r = sshpkt_get_end(ssh)) != 0)
(r = sshpkt_get_end(ssh)) != 0Description
TRUEnever evaluated
FALSEevaluated 320 times by 1 test
Evaluated by:
  • test_kex
0-320
486 return r;
never executed: return r;
0
487 if ((r = ssh_set_newkeys(ssh, MODE_IN)) != 0)
(r = ssh_set_n...MODE_IN)) != 0Description
TRUEnever evaluated
FALSEevaluated 320 times by 1 test
Evaluated by:
  • test_kex
0-320
488 return r;
never executed: return r;
0
489 kex->done = 1;-
490 sshbuf_reset(kex->peer);-
491 /* sshbuf_reset(kex->my); */-
492 kex->flags &= ~KEX_INIT_SENT;-
493 free(kex->name);-
494 kex->name = NULL;-
495 return 0;
executed 320 times by 1 test: return 0;
Executed by:
  • test_kex
320
496}-
497-
498int-
499kex_send_kexinit(struct ssh *ssh)-
500{-
501 u_char *cookie;-
502 struct kex *kex = ssh->kex;-
503 int r;-
504-
505 if (kex == NULL)
kex == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 320 times by 1 test
Evaluated by:
  • test_kex
0-320
506 return SSH_ERR_INTERNAL_ERROR;
never executed: return -1;
0
507 if (kex->flags & KEX_INIT_SENT)
kex->flags & 0x0001Description
TRUEnever evaluated
FALSEevaluated 320 times by 1 test
Evaluated by:
  • test_kex
0-320
508 return 0;
never executed: return 0;
0
509 kex->done = 0;-
510-
511 /* generate a random cookie */-
512 if (sshbuf_len(kex->my) < KEX_COOKIE_LEN)
sshbuf_len(kex->my) < 16Description
TRUEnever evaluated
FALSEevaluated 320 times by 1 test
Evaluated by:
  • test_kex
0-320
513 return SSH_ERR_INVALID_FORMAT;
never executed: return -4;
0
514 if ((cookie = sshbuf_mutable_ptr(kex->my)) == NULL)
(cookie = sshb...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 320 times by 1 test
Evaluated by:
  • test_kex
0-320
515 return SSH_ERR_INTERNAL_ERROR;
never executed: return -1;
0
516 arc4random_buf(cookie, KEX_COOKIE_LEN);-
517-
518 if ((r = sshpkt_start(ssh, SSH2_MSG_KEXINIT)) != 0 ||
(r = sshpkt_st...ssh, 20)) != 0Description
TRUEnever evaluated
FALSEevaluated 320 times by 1 test
Evaluated by:
  • test_kex
0-320
519 (r = sshpkt_putb(ssh, kex->my)) != 0 ||
(r = sshpkt_pu...kex->my)) != 0Description
TRUEnever evaluated
FALSEevaluated 320 times by 1 test
Evaluated by:
  • test_kex
0-320
520 (r = sshpkt_send(ssh)) != 0)
(r = sshpkt_send(ssh)) != 0Description
TRUEnever evaluated
FALSEevaluated 320 times by 1 test
Evaluated by:
  • test_kex
0-320
521 return r;
never executed: return r;
0
522 debug("SSH2_MSG_KEXINIT sent");-
523 kex->flags |= KEX_INIT_SENT;-
524 return 0;
executed 320 times by 1 test: return 0;
Executed by:
  • test_kex
320
525}-
526-
527/* ARGSUSED */-
528int-
529kex_input_kexinit(int type, u_int32_t seq, struct ssh *ssh)-
530{-
531 struct kex *kex = ssh->kex;-
532 const u_char *ptr;-
533 u_int i;-
534 size_t dlen;-
535 int r;-
536-
537 debug("SSH2_MSG_KEXINIT received");-
538 if (kex == NULL)
kex == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 320 times by 1 test
Evaluated by:
  • test_kex
0-320
539 return SSH_ERR_INVALID_ARGUMENT;
never executed: return -10;
0
540-
541 ssh_dispatch_set(ssh, SSH2_MSG_KEXINIT, NULL);-
542 ptr = sshpkt_ptr(ssh, &dlen);-
543 if ((r = sshbuf_put(kex->peer, ptr, dlen)) != 0)
(r = sshbuf_pu...r, dlen)) != 0Description
TRUEnever evaluated
FALSEevaluated 320 times by 1 test
Evaluated by:
  • test_kex
0-320
544 return r;
never executed: return r;
0
545-
546 /* discard packet */-
547 for (i = 0; i < KEX_COOKIE_LEN; i++)
i < 16Description
TRUEevaluated 5120 times by 1 test
Evaluated by:
  • test_kex
FALSEevaluated 320 times by 1 test
Evaluated by:
  • test_kex
320-5120
548 if ((r = sshpkt_get_u8(ssh, NULL)) != 0)
(r = sshpkt_ge...d *)0) )) != 0Description
TRUEnever evaluated
FALSEevaluated 5120 times by 1 test
Evaluated by:
  • test_kex
0-5120
549 return r;
never executed: return r;
0
550 for (i = 0; i < PROPOSAL_MAX; i++)
i < PROPOSAL_MAXDescription
TRUEevaluated 3200 times by 1 test
Evaluated by:
  • test_kex
FALSEevaluated 320 times by 1 test
Evaluated by:
  • test_kex
320-3200
551 if ((r = sshpkt_get_string(ssh, NULL, NULL)) != 0)
(r = sshpkt_ge...d *)0) )) != 0Description
TRUEnever evaluated
FALSEevaluated 3200 times by 1 test
Evaluated by:
  • test_kex
0-3200
552 return r;
never executed: return r;
0
553 /*-
554 * XXX RFC4253 sec 7: "each side MAY guess" - currently no supported-
555 * KEX method has the server move first, but a server might be using-
556 * a custom method or one that we otherwise don't support. We should-
557 * be prepared to remember first_kex_follows here so we can eat a-
558 * packet later.-
559 * XXX2 - RFC4253 is kind of ambiguous on what first_kex_follows means-
560 * for cases where the server *doesn't* go first. I guess we should-
561 * ignore it when it is set for these cases, which is what we do now.-
562 */-
563 if ((r = sshpkt_get_u8(ssh, NULL)) != 0 || /* first_kex_follows */
(r = sshpkt_ge...d *)0) )) != 0Description
TRUEnever evaluated
FALSEevaluated 320 times by 1 test
Evaluated by:
  • test_kex
0-320
564 (r = sshpkt_get_u32(ssh, NULL)) != 0 || /* reserved */
(r = sshpkt_ge...d *)0) )) != 0Description
TRUEnever evaluated
FALSEevaluated 320 times by 1 test
Evaluated by:
  • test_kex
0-320
565 (r = sshpkt_get_end(ssh)) != 0)
(r = sshpkt_get_end(ssh)) != 0Description
TRUEnever evaluated
FALSEevaluated 320 times by 1 test
Evaluated by:
  • test_kex
0-320
566 return r;
never executed: return r;
0
567-
568 if (!(kex->flags & KEX_INIT_SENT))
!(kex->flags & 0x0001)Description
TRUEevaluated 128 times by 1 test
Evaluated by:
  • test_kex
FALSEevaluated 192 times by 1 test
Evaluated by:
  • test_kex
128-192
569 if ((r = kex_send_kexinit(ssh)) != 0)
(r = kex_send_...nit(ssh)) != 0Description
TRUEnever evaluated
FALSEevaluated 128 times by 1 test
Evaluated by:
  • test_kex
0-128
570 return r;
never executed: return r;
0
571 if ((r = kex_choose_conf(ssh)) != 0)
(r = kex_choos...onf(ssh)) != 0Description
TRUEnever evaluated
FALSEevaluated 320 times by 1 test
Evaluated by:
  • test_kex
0-320
572 return r;
never executed: return r;
0
573-
574 if (kex->kex_type < KEX_MAX && kex->kex[kex->kex_type] != NULL)
kex->kex_type < KEX_MAXDescription
TRUEevaluated 320 times by 1 test
Evaluated by:
  • test_kex
FALSEnever evaluated
kex->kex[kex->...!= ((void *)0)Description
TRUEevaluated 320 times by 1 test
Evaluated by:
  • test_kex
FALSEnever evaluated
0-320
575 return (kex->kex[kex->kex_type])(ssh);
executed 320 times by 1 test: return (kex->kex[kex->kex_type])(ssh);
Executed by:
  • test_kex
320
576-
577 return SSH_ERR_INTERNAL_ERROR;
never executed: return -1;
0
578}-
579-
580int-
581kex_new(struct ssh *ssh, char *proposal[PROPOSAL_MAX], struct kex **kexp)-
582{-
583 struct kex *kex;-
584 int r;-
585-
586 *kexp = NULL;-
587 if ((kex = calloc(1, sizeof(*kex))) == NULL)
(kex = calloc(...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 96 times by 1 test
Evaluated by:
  • test_kex
0-96
588 return SSH_ERR_ALLOC_FAIL;
never executed: return -2;
0
589 if ((kex->peer = sshbuf_new()) == NULL ||
(kex->peer = s...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 96 times by 1 test
Evaluated by:
  • test_kex
0-96
590 (kex->my = sshbuf_new()) == NULL) {
(kex->my = ssh...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 96 times by 1 test
Evaluated by:
  • test_kex
0-96
591 r = SSH_ERR_ALLOC_FAIL;-
592 goto out;
never executed: goto out;
0
593 }-
594 if ((r = kex_prop2buf(kex->my, proposal)) != 0)
(r = kex_prop2...roposal)) != 0Description
TRUEnever evaluated
FALSEevaluated 96 times by 1 test
Evaluated by:
  • test_kex
0-96
595 goto out;
never executed: goto out;
0
596 kex->done = 0;-
597 kex_reset_dispatch(ssh);-
598 ssh_dispatch_set(ssh, SSH2_MSG_KEXINIT, &kex_input_kexinit);-
599 r = 0;-
600 *kexp = kex;-
601 out:
code before this statement executed 96 times by 1 test: out:
Executed by:
  • test_kex
96
602 if (r != 0)
r != 0Description
TRUEnever evaluated
FALSEevaluated 96 times by 1 test
Evaluated by:
  • test_kex
0-96
603 kex_free(kex);
never executed: kex_free(kex);
0
604 return r;
executed 96 times by 1 test: return r;
Executed by:
  • test_kex
96
605}-
606-
607void-
608kex_free_newkeys(struct newkeys *newkeys)-
609{-
610 if (newkeys == NULL)
newkeys == ((void *)0)Description
TRUEevaluated 256 times by 1 test
Evaluated by:
  • test_kex
FALSEevaluated 704 times by 1 test
Evaluated by:
  • test_kex
256-704
611 return;
executed 256 times by 1 test: return;
Executed by:
  • test_kex
256
612 if (newkeys->enc.key) {
newkeys->enc.keyDescription
TRUEevaluated 704 times by 1 test
Evaluated by:
  • test_kex
FALSEnever evaluated
0-704
613 explicit_bzero(newkeys->enc.key, newkeys->enc.key_len);-
614 free(newkeys->enc.key);-
615 newkeys->enc.key = NULL;-
616 }
executed 704 times by 1 test: end of block
Executed by:
  • test_kex
704
617 if (newkeys->enc.iv) {
newkeys->enc.ivDescription
TRUEevaluated 704 times by 1 test
Evaluated by:
  • test_kex
FALSEnever evaluated
0-704
618 explicit_bzero(newkeys->enc.iv, newkeys->enc.iv_len);-
619 free(newkeys->enc.iv);-
620 newkeys->enc.iv = NULL;-
621 }
executed 704 times by 1 test: end of block
Executed by:
  • test_kex
704
622 free(newkeys->enc.name);-
623 explicit_bzero(&newkeys->enc, sizeof(newkeys->enc));-
624 free(newkeys->comp.name);-
625 explicit_bzero(&newkeys->comp, sizeof(newkeys->comp));-
626 mac_clear(&newkeys->mac);-
627 if (newkeys->mac.key) {
newkeys->mac.keyDescription
TRUEevaluated 640 times by 1 test
Evaluated by:
  • test_kex
FALSEevaluated 64 times by 1 test
Evaluated by:
  • test_kex
64-640
628 explicit_bzero(newkeys->mac.key, newkeys->mac.key_len);-
629 free(newkeys->mac.key);-
630 newkeys->mac.key = NULL;-
631 }
executed 640 times by 1 test: end of block
Executed by:
  • test_kex
640
632 free(newkeys->mac.name);-
633 explicit_bzero(&newkeys->mac, sizeof(newkeys->mac));-
634 explicit_bzero(newkeys, sizeof(*newkeys));-
635 free(newkeys);-
636}
executed 704 times by 1 test: end of block
Executed by:
  • test_kex
704
637-
638void-
639kex_free(struct kex *kex)-
640{-
641 u_int mode;-
642-
643#ifdef WITH_OPENSSL-
644 DH_free(kex->dh);-
645#ifdef OPENSSL_HAS_ECC-
646 EC_KEY_free(kex->ec_client_key);-
647#endif /* OPENSSL_HAS_ECC */-
648#endif /* WITH_OPENSSL */-
649 for (mode = 0; mode < MODE_MAX; mode++) {
mode < MODE_MAXDescription
TRUEevaluated 256 times by 1 test
Evaluated by:
  • test_kex
FALSEevaluated 128 times by 1 test
Evaluated by:
  • test_kex
128-256
650 kex_free_newkeys(kex->newkeys[mode]);-
651 kex->newkeys[mode] = NULL;-
652 }
executed 256 times by 1 test: end of block
Executed by:
  • test_kex
256
653 sshbuf_free(kex->peer);-
654 sshbuf_free(kex->my);-
655 free(kex->session_id);-
656 free(kex->client_version_string);-
657 free(kex->server_version_string);-
658 free(kex->failed_choice);-
659 free(kex->hostkey_alg);-
660 free(kex->name);-
661 free(kex);-
662}
executed 128 times by 1 test: end of block
Executed by:
  • test_kex
128
663-
664int-
665kex_setup(struct ssh *ssh, char *proposal[PROPOSAL_MAX])-
666{-
667 int r;-
668-
669 if ((r = kex_new(ssh, proposal, &ssh->kex)) != 0)
(r = kex_new(s...sh->kex)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
670 return r;
never executed: return r;
0
671 if ((r = kex_send_kexinit(ssh)) != 0) { /* we start */
(r = kex_send_...nit(ssh)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
672 kex_free(ssh->kex);-
673 ssh->kex = NULL;-
674 return r;
never executed: return r;
0
675 }-
676 return 0;
never executed: return 0;
0
677}-
678-
679/*-
680 * Request key re-exchange, returns 0 on success or a ssherr.h error-
681 * code otherwise. Must not be called if KEX is incomplete or in-progress.-
682 */-
683int-
684kex_start_rekex(struct ssh *ssh)-
685{-
686 if (ssh->kex == NULL) {
ssh->kex == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
687 error("%s: no kex", __func__);-
688 return SSH_ERR_INTERNAL_ERROR;
never executed: return -1;
0
689 }-
690 if (ssh->kex->done == 0) {
ssh->kex->done == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
691 error("%s: requested twice", __func__);-
692 return SSH_ERR_INTERNAL_ERROR;
never executed: return -1;
0
693 }-
694 ssh->kex->done = 0;-
695 return kex_send_kexinit(ssh);
never executed: return kex_send_kexinit(ssh);
0
696}-
697-
698static int-
699choose_enc(struct sshenc *enc, char *client, char *server)-
700{-
701 char *name = match_list(client, server, NULL);-
702-
703 if (name == NULL)
name == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 640 times by 1 test
Evaluated by:
  • test_kex
0-640
704 return SSH_ERR_NO_CIPHER_ALG_MATCH;
never executed: return -31;
0
705 if ((enc->cipher = cipher_by_name(name)) == NULL) {
(enc->cipher =...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 640 times by 1 test
Evaluated by:
  • test_kex
0-640
706 free(name);-
707 return SSH_ERR_INTERNAL_ERROR;
never executed: return -1;
0
708 }-
709 enc->name = name;-
710 enc->enabled = 0;-
711 enc->iv = NULL;-
712 enc->iv_len = cipher_ivlen(enc->cipher);-
713 enc->key = NULL;-
714 enc->key_len = cipher_keylen(enc->cipher);-
715 enc->block_size = cipher_blocksize(enc->cipher);-
716 return 0;
executed 640 times by 1 test: return 0;
Executed by:
  • test_kex
640
717}-
718-
719static int-
720choose_mac(struct ssh *ssh, struct sshmac *mac, char *client, char *server)-
721{-
722 char *name = match_list(client, server, NULL);-
723-
724 if (name == NULL)
name == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
725 return SSH_ERR_NO_MAC_ALG_MATCH;
never executed: return -32;
0
726 if (mac_setup(mac, name) < 0) {
mac_setup(mac, name) < 0Description
TRUEnever evaluated
FALSEnever evaluated
0
727 free(name);-
728 return SSH_ERR_INTERNAL_ERROR;
never executed: return -1;
0
729 }-
730 mac->name = name;-
731 mac->key = NULL;-
732 mac->enabled = 0;-
733 return 0;
never executed: return 0;
0
734}-
735-
736static int-
737choose_comp(struct sshcomp *comp, char *client, char *server)-
738{-
739 char *name = match_list(client, server, NULL);-
740-
741 if (name == NULL)
name == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 640 times by 1 test
Evaluated by:
  • test_kex
0-640
742 return SSH_ERR_NO_COMPRESS_ALG_MATCH;
never executed: return -33;
0
743 if (strcmp(name, "zlib@openssh.com") == 0) {
never executed: __result = (((const unsigned char *) (const char *) ( name ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
never executed: __result = (((const unsigned char *) (const char *) ( "zlib@openssh.com" ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
__extension__ ... )))); }) == 0Description
TRUEnever evaluated
FALSEevaluated 640 times by 1 test
Evaluated by:
  • test_kex
__s1_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
0-640
744 comp->type = COMP_DELAYED;-
745 } else if (strcmp(name, "zlib") == 0) {
never executed: end of block
never executed: __result = (((const unsigned char *) (const char *) ( name ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
never executed: __result = (((const unsigned char *) (const char *) ( "zlib" ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
__extension__ ... )))); }) == 0Description
TRUEnever evaluated
FALSEevaluated 640 times by 1 test
Evaluated by:
  • test_kex
__s1_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
0-640
746 comp->type = COMP_ZLIB;-
747 } else if (strcmp(name, "none") == 0) {
never executed: end of block
never executed: __result = (((const unsigned char *) (const char *) ( name ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
never executed: __result = (((const unsigned char *) (const char *) ( "none" ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
__extension__ ... )))); }) == 0Description
TRUEevaluated 640 times by 1 test
Evaluated by:
  • test_kex
FALSEnever evaluated
__s1_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
0-640
748 comp->type = COMP_NONE;-
749 } else {
executed 640 times by 1 test: end of block
Executed by:
  • test_kex
640
750 free(name);-
751 return SSH_ERR_INTERNAL_ERROR;
never executed: return -1;
0
752 }-
753 comp->name = name;-
754 return 0;
executed 640 times by 1 test: return 0;
Executed by:
  • test_kex
640
755}-
756-
757static int-
758choose_kex(struct kex *k, char *client, char *server)-
759{-
760 const struct kexalg *kexalg;-
761-
762 k->name = match_list(client, server, NULL);-
763-
764 debug("kex: algorithm: %s", k->name ? k->name : "(no match)");-
765 if (k->name == NULL)
k->name == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 320 times by 1 test
Evaluated by:
  • test_kex
0-320
766 return SSH_ERR_NO_KEX_ALG_MATCH;
never executed: return -34;
0
767 if ((kexalg = kex_alg_by_name(k->name)) == NULL)
(kexalg = kex_...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 320 times by 1 test
Evaluated by:
  • test_kex
0-320
768 return SSH_ERR_INTERNAL_ERROR;
never executed: return -1;
0
769 k->kex_type = kexalg->type;-
770 k->hash_alg = kexalg->hash_alg;-
771 k->ec_nid = kexalg->ec_nid;-
772 return 0;
executed 320 times by 1 test: return 0;
Executed by:
  • test_kex
320
773}-
774-
775static int-
776choose_hostkeyalg(struct kex *k, char *client, char *server)-
777{-
778 k->hostkey_alg = match_list(client, server, NULL);-
779-
780 debug("kex: host key algorithm: %s",-
781 k->hostkey_alg ? k->hostkey_alg : "(no match)");-
782 if (k->hostkey_alg == NULL)
k->hostkey_alg == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 320 times by 1 test
Evaluated by:
  • test_kex
0-320
783 return SSH_ERR_NO_HOSTKEY_ALG_MATCH;
never executed: return -35;
0
784 k->hostkey_type = sshkey_type_from_name(k->hostkey_alg);-
785 if (k->hostkey_type == KEY_UNSPEC)
k->hostkey_type == KEY_UNSPECDescription
TRUEnever evaluated
FALSEevaluated 320 times by 1 test
Evaluated by:
  • test_kex
0-320
786 return SSH_ERR_INTERNAL_ERROR;
never executed: return -1;
0
787 k->hostkey_nid = sshkey_ecdsa_nid_from_name(k->hostkey_alg);-
788 return 0;
executed 320 times by 1 test: return 0;
Executed by:
  • test_kex
320
789}-
790-
791static int-
792proposals_match(char *my[PROPOSAL_MAX], char *peer[PROPOSAL_MAX])-
793{-
794 static int check[] = {-
795 PROPOSAL_KEX_ALGS, PROPOSAL_SERVER_HOST_KEY_ALGS, -1-
796 };-
797 int *idx;-
798 char *p;-
799-
800 for (idx = &check[0]; *idx != -1; idx++) {
*idx != -1Description
TRUEnever evaluated
FALSEnever evaluated
0
801 if ((p = strchr(my[*idx], ',')) != NULL)
(p = (__extens...!= ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
__builtin_constant_p ( ',' )Description
TRUEnever evaluated
FALSEnever evaluated
!__builtin_con...p ( my[*idx] )Description
TRUEnever evaluated
FALSEnever evaluated
( ',' ) == '\0'Description
TRUEnever evaluated
FALSEnever evaluated
0
802 *p = '\0';
never executed: *p = '\0';
0
803 if ((p = strchr(peer[*idx], ',')) != NULL)
(p = (__extens...!= ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
__builtin_constant_p ( ',' )Description
TRUEnever evaluated
FALSEnever evaluated
!__builtin_con...( peer[*idx] )Description
TRUEnever evaluated
FALSEnever evaluated
( ',' ) == '\0'Description
TRUEnever evaluated
FALSEnever evaluated
0
804 *p = '\0';
never executed: *p = '\0';
0
805 if (strcmp(my[*idx], peer[*idx]) != 0) {
never executed: __result = (((const unsigned char *) (const char *) ( my[*idx] ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
never executed: __result = (((const unsigned char *) (const char *) ( peer[*idx] ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
__extension__ ... )))); }) != 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
806 debug2("proposal mismatch: my %s peer %s",-
807 my[*idx], peer[*idx]);-
808 return (0);
never executed: return (0);
0
809 }-
810 }
never executed: end of block
0
811 debug2("proposals match");-
812 return (1);
never executed: return (1);
0
813}-
814-
815static int-
816kex_choose_conf(struct ssh *ssh)-
817{-
818 struct kex *kex = ssh->kex;-
819 struct newkeys *newkeys;-
820 char **my = NULL, **peer = NULL;-
821 char **cprop, **sprop;-
822 int nenc, nmac, ncomp;-
823 u_int mode, ctos, need, dh_need, authlen;-
824 int r, first_kex_follows;-
825-
826 debug2("local %s KEXINIT proposal", kex->server ? "server" : "client");-
827 if ((r = kex_buf2prop(kex->my, NULL, &my)) != 0)
(r = kex_buf2p...) , &my)) != 0Description
TRUEnever evaluated
FALSEevaluated 320 times by 1 test
Evaluated by:
  • test_kex
0-320
828 goto out;
never executed: goto out;
0
829 debug2("peer %s KEXINIT proposal", kex->server ? "client" : "server");-
830 if ((r = kex_buf2prop(kex->peer, &first_kex_follows, &peer)) != 0)
(r = kex_buf2p..., &peer)) != 0Description
TRUEnever evaluated
FALSEevaluated 320 times by 1 test
Evaluated by:
  • test_kex
0-320
831 goto out;
never executed: goto out;
0
832-
833 if (kex->server) {
kex->serverDescription
TRUEevaluated 160 times by 1 test
Evaluated by:
  • test_kex
FALSEevaluated 160 times by 1 test
Evaluated by:
  • test_kex
160
834 cprop=peer;-
835 sprop=my;-
836 } else {
executed 160 times by 1 test: end of block
Executed by:
  • test_kex
160
837 cprop=my;-
838 sprop=peer;-
839 }
executed 160 times by 1 test: end of block
Executed by:
  • test_kex
160
840-
841 /* Check whether client supports ext_info_c */-
842 if (kex->server) {
kex->serverDescription
TRUEevaluated 160 times by 1 test
Evaluated by:
  • test_kex
FALSEevaluated 160 times by 1 test
Evaluated by:
  • test_kex
160
843 char *ext;-
844-
845 ext = match_list("ext-info-c", peer[PROPOSAL_KEX_ALGS], NULL);-
846 kex->ext_info_c = (ext != NULL);-
847 free(ext);-
848 }
executed 160 times by 1 test: end of block
Executed by:
  • test_kex
160
849-
850 /* Algorithm Negotiation */-
851 if ((r = choose_kex(kex, cprop[PROPOSAL_KEX_ALGS],
(r = choose_ke...X_ALGS])) != 0Description
TRUEnever evaluated
FALSEevaluated 320 times by 1 test
Evaluated by:
  • test_kex
0-320
852 sprop[PROPOSAL_KEX_ALGS])) != 0) {
(r = choose_ke...X_ALGS])) != 0Description
TRUEnever evaluated
FALSEevaluated 320 times by 1 test
Evaluated by:
  • test_kex
0-320
853 kex->failed_choice = peer[PROPOSAL_KEX_ALGS];-
854 peer[PROPOSAL_KEX_ALGS] = NULL;-
855 goto out;
never executed: goto out;
0
856 }-
857 if ((r = choose_hostkeyalg(kex, cprop[PROPOSAL_SERVER_HOST_KEY_ALGS],
(r = choose_ho...Y_ALGS])) != 0Description
TRUEnever evaluated
FALSEevaluated 320 times by 1 test
Evaluated by:
  • test_kex
0-320
858 sprop[PROPOSAL_SERVER_HOST_KEY_ALGS])) != 0) {
(r = choose_ho...Y_ALGS])) != 0Description
TRUEnever evaluated
FALSEevaluated 320 times by 1 test
Evaluated by:
  • test_kex
0-320
859 kex->failed_choice = peer[PROPOSAL_SERVER_HOST_KEY_ALGS];-
860 peer[PROPOSAL_SERVER_HOST_KEY_ALGS] = NULL;-
861 goto out;
never executed: goto out;
0
862 }-
863 for (mode = 0; mode < MODE_MAX; mode++) {
mode < MODE_MAXDescription
TRUEevaluated 640 times by 1 test
Evaluated by:
  • test_kex
FALSEevaluated 320 times by 1 test
Evaluated by:
  • test_kex
320-640
864 if ((newkeys = calloc(1, sizeof(*newkeys))) == NULL) {
(newkeys = cal...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 640 times by 1 test
Evaluated by:
  • test_kex
0-640
865 r = SSH_ERR_ALLOC_FAIL;-
866 goto out;
never executed: goto out;
0
867 }-
868 kex->newkeys[mode] = newkeys;-
869 ctos = (!kex->server && mode == MODE_OUT) ||
!kex->serverDescription
TRUEevaluated 320 times by 1 test
Evaluated by:
  • test_kex
FALSEevaluated 320 times by 1 test
Evaluated by:
  • test_kex
mode == MODE_OUTDescription
TRUEevaluated 160 times by 1 test
Evaluated by:
  • test_kex
FALSEevaluated 160 times by 1 test
Evaluated by:
  • test_kex
160-320
870 (kex->server && mode == MODE_IN);
kex->serverDescription
TRUEevaluated 320 times by 1 test
Evaluated by:
  • test_kex
FALSEevaluated 160 times by 1 test
Evaluated by:
  • test_kex
mode == MODE_INDescription
TRUEevaluated 160 times by 1 test
Evaluated by:
  • test_kex
FALSEevaluated 160 times by 1 test
Evaluated by:
  • test_kex
160-320
871 nenc = ctos ? PROPOSAL_ENC_ALGS_CTOS : PROPOSAL_ENC_ALGS_STOC;
ctosDescription
TRUEevaluated 320 times by 1 test
Evaluated by:
  • test_kex
FALSEevaluated 320 times by 1 test
Evaluated by:
  • test_kex
320
872 nmac = ctos ? PROPOSAL_MAC_ALGS_CTOS : PROPOSAL_MAC_ALGS_STOC;
ctosDescription
TRUEevaluated 320 times by 1 test
Evaluated by:
  • test_kex
FALSEevaluated 320 times by 1 test
Evaluated by:
  • test_kex
320
873 ncomp = ctos ? PROPOSAL_COMP_ALGS_CTOS : PROPOSAL_COMP_ALGS_STOC;
ctosDescription
TRUEevaluated 320 times by 1 test
Evaluated by:
  • test_kex
FALSEevaluated 320 times by 1 test
Evaluated by:
  • test_kex
320
874 if ((r = choose_enc(&newkeys->enc, cprop[nenc],
(r = choose_en...p[nenc])) != 0Description
TRUEnever evaluated
FALSEevaluated 640 times by 1 test
Evaluated by:
  • test_kex
0-640
875 sprop[nenc])) != 0) {
(r = choose_en...p[nenc])) != 0Description
TRUEnever evaluated
FALSEevaluated 640 times by 1 test
Evaluated by:
  • test_kex
0-640
876 kex->failed_choice = peer[nenc];-
877 peer[nenc] = NULL;-
878 goto out;
never executed: goto out;
0
879 }-
880 authlen = cipher_authlen(newkeys->enc.cipher);-
881 /* ignore mac for authenticated encryption */-
882 if (authlen == 0 &&
authlen == 0Description
TRUEnever evaluated
FALSEevaluated 640 times by 1 test
Evaluated by:
  • test_kex
0-640
883 (r = choose_mac(ssh, &newkeys->mac, cprop[nmac],
(r = choose_ma...p[nmac])) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
884 sprop[nmac])) != 0) {
(r = choose_ma...p[nmac])) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
885 kex->failed_choice = peer[nmac];-
886 peer[nmac] = NULL;-
887 goto out;
never executed: goto out;
0
888 }-
889 if ((r = choose_comp(&newkeys->comp, cprop[ncomp],
(r = choose_co...[ncomp])) != 0Description
TRUEnever evaluated
FALSEevaluated 640 times by 1 test
Evaluated by:
  • test_kex
0-640
890 sprop[ncomp])) != 0) {
(r = choose_co...[ncomp])) != 0Description
TRUEnever evaluated
FALSEevaluated 640 times by 1 test
Evaluated by:
  • test_kex
0-640
891 kex->failed_choice = peer[ncomp];-
892 peer[ncomp] = NULL;-
893 goto out;
never executed: goto out;
0
894 }-
895 debug("kex: %s cipher: %s MAC: %s compression: %s",-
896 ctos ? "client->server" : "server->client",-
897 newkeys->enc.name,-
898 authlen == 0 ? newkeys->mac.name : "<implicit>",-
899 newkeys->comp.name);-
900 }
executed 640 times by 1 test: end of block
Executed by:
  • test_kex
640
901 need = dh_need = 0;-
902 for (mode = 0; mode < MODE_MAX; mode++) {
mode < MODE_MAXDescription
TRUEevaluated 640 times by 1 test
Evaluated by:
  • test_kex
FALSEevaluated 320 times by 1 test
Evaluated by:
  • test_kex
320-640
903 newkeys = kex->newkeys[mode];-
904 need = MAXIMUM(need, newkeys->enc.key_len);
((need) > (new...>enc.key_len))Description
TRUEnever evaluated
FALSEevaluated 640 times by 1 test
Evaluated by:
  • test_kex
0-640
905 need = MAXIMUM(need, newkeys->enc.block_size);
((need) > (new...c.block_size))Description
TRUEevaluated 640 times by 1 test
Evaluated by:
  • test_kex
FALSEnever evaluated
0-640
906 need = MAXIMUM(need, newkeys->enc.iv_len);
((need) > (new...->enc.iv_len))Description
TRUEevaluated 640 times by 1 test
Evaluated by:
  • test_kex
FALSEnever evaluated
0-640
907 need = MAXIMUM(need, newkeys->mac.key_len);
((need) > (new...>mac.key_len))Description
TRUEevaluated 640 times by 1 test
Evaluated by:
  • test_kex
FALSEnever evaluated
0-640
908 dh_need = MAXIMUM(dh_need, cipher_seclen(newkeys->enc.cipher));
((dh_need) > (...>enc.cipher)))Description
TRUEnever evaluated
FALSEevaluated 640 times by 1 test
Evaluated by:
  • test_kex
0-640
909 dh_need = MAXIMUM(dh_need, newkeys->enc.block_size);
((dh_need) > (...c.block_size))Description
TRUEevaluated 640 times by 1 test
Evaluated by:
  • test_kex
FALSEnever evaluated
0-640
910 dh_need = MAXIMUM(dh_need, newkeys->enc.iv_len);
((dh_need) > (...->enc.iv_len))Description
TRUEevaluated 640 times by 1 test
Evaluated by:
  • test_kex
FALSEnever evaluated
0-640
911 dh_need = MAXIMUM(dh_need, newkeys->mac.key_len);
((dh_need) > (...>mac.key_len))Description
TRUEevaluated 640 times by 1 test
Evaluated by:
  • test_kex
FALSEnever evaluated
0-640
912 }
executed 640 times by 1 test: end of block
Executed by:
  • test_kex
640
913 /* XXX need runden? */-
914 kex->we_need = need;-
915 kex->dh_need = dh_need;-
916-
917 /* ignore the next message if the proposals do not match */-
918 if (first_kex_follows && !proposals_match(my, peer))
first_kex_followsDescription
TRUEnever evaluated
FALSEevaluated 320 times by 1 test
Evaluated by:
  • test_kex
!proposals_match(my, peer)Description
TRUEnever evaluated
FALSEnever evaluated
0-320
919 ssh->dispatch_skip_packets = 1;
never executed: ssh->dispatch_skip_packets = 1;
0
920 r = 0;-
921 out:
code before this statement executed 320 times by 1 test: out:
Executed by:
  • test_kex
320
922 kex_prop_free(my);-
923 kex_prop_free(peer);-
924 return r;
executed 320 times by 1 test: return r;
Executed by:
  • test_kex
320
925}-
926-
927static int-
928derive_key(struct ssh *ssh, int id, u_int need, u_char *hash, u_int hashlen,-
929 const struct sshbuf *shared_secret, u_char **keyp)-
930{-
931 struct kex *kex = ssh->kex;-
932 struct ssh_digest_ctx *hashctx = NULL;-
933 char c = id;-
934 u_int have;-
935 size_t mdsz;-
936 u_char *digest;-
937 int r;-
938-
939 if ((mdsz = ssh_digest_bytes(kex->hash_alg)) == 0)
(mdsz = ssh_di...ash_alg)) == 0Description
TRUEnever evaluated
FALSEevaluated 1920 times by 1 test
Evaluated by:
  • test_kex
0-1920
940 return SSH_ERR_INVALID_ARGUMENT;
never executed: return -10;
0
941 if ((digest = calloc(1, ROUNDUP(need, mdsz))) == NULL) {
(digest = call...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 1920 times by 1 test
Evaluated by:
  • test_kex
0-1920
942 r = SSH_ERR_ALLOC_FAIL;-
943 goto out;
never executed: goto out;
0
944 }-
945-
946 /* K1 = HASH(K || H || "A" || session_id) */-
947 if ((hashctx = ssh_digest_start(kex->hash_alg)) == NULL ||
(hashctx = ssh...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 1920 times by 1 test
Evaluated by:
  • test_kex
0-1920
948 ssh_digest_update_buffer(hashctx, shared_secret) != 0 ||
ssh_digest_upd...d_secret) != 0Description
TRUEnever evaluated
FALSEevaluated 1920 times by 1 test
Evaluated by:
  • test_kex
0-1920
949 ssh_digest_update(hashctx, hash, hashlen) != 0 ||
ssh_digest_upd... hashlen) != 0Description
TRUEnever evaluated
FALSEevaluated 1920 times by 1 test
Evaluated by:
  • test_kex
0-1920
950 ssh_digest_update(hashctx, &c, 1) != 0 ||
ssh_digest_upd...x, &c, 1) != 0Description
TRUEnever evaluated
FALSEevaluated 1920 times by 1 test
Evaluated by:
  • test_kex
0-1920
951 ssh_digest_update(hashctx, kex->session_id,
ssh_digest_upd...n_id_len) != 0Description
TRUEnever evaluated
FALSEevaluated 1920 times by 1 test
Evaluated by:
  • test_kex
0-1920
952 kex->session_id_len) != 0 ||
ssh_digest_upd...n_id_len) != 0Description
TRUEnever evaluated
FALSEevaluated 1920 times by 1 test
Evaluated by:
  • test_kex
0-1920
953 ssh_digest_final(hashctx, digest, mdsz) != 0) {
ssh_digest_fin...st, mdsz) != 0Description
TRUEnever evaluated
FALSEevaluated 1920 times by 1 test
Evaluated by:
  • test_kex
0-1920
954 r = SSH_ERR_LIBCRYPTO_ERROR;-
955 goto out;
never executed: goto out;
0
956 }-
957 ssh_digest_free(hashctx);-
958 hashctx = NULL;-
959-
960 /*-
961 * expand key:-
962 * Kn = HASH(K || H || K1 || K2 || ... || Kn-1)-
963 * Key = K1 || K2 || ... || Kn-
964 */-
965 for (have = mdsz; need > have; have += mdsz) {
need > haveDescription
TRUEevaluated 3120 times by 1 test
Evaluated by:
  • test_kex
FALSEevaluated 1920 times by 1 test
Evaluated by:
  • test_kex
1920-3120
966 if ((hashctx = ssh_digest_start(kex->hash_alg)) == NULL ||
(hashctx = ssh...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 3120 times by 1 test
Evaluated by:
  • test_kex
0-3120
967 ssh_digest_update_buffer(hashctx, shared_secret) != 0 ||
ssh_digest_upd...d_secret) != 0Description
TRUEnever evaluated
FALSEevaluated 3120 times by 1 test
Evaluated by:
  • test_kex
0-3120
968 ssh_digest_update(hashctx, hash, hashlen) != 0 ||
ssh_digest_upd... hashlen) != 0Description
TRUEnever evaluated
FALSEevaluated 3120 times by 1 test
Evaluated by:
  • test_kex
0-3120
969 ssh_digest_update(hashctx, digest, have) != 0 ||
ssh_digest_upd...st, have) != 0Description
TRUEnever evaluated
FALSEevaluated 3120 times by 1 test
Evaluated by:
  • test_kex
0-3120
970 ssh_digest_final(hashctx, digest + have, mdsz) != 0) {
ssh_digest_fin...ve, mdsz) != 0Description
TRUEnever evaluated
FALSEevaluated 3120 times by 1 test
Evaluated by:
  • test_kex
0-3120
971 r = SSH_ERR_LIBCRYPTO_ERROR;-
972 goto out;
never executed: goto out;
0
973 }-
974 ssh_digest_free(hashctx);-
975 hashctx = NULL;-
976 }
executed 3120 times by 1 test: end of block
Executed by:
  • test_kex
3120
977#ifdef DEBUG_KEX-
978 fprintf(stderr, "key '%c'== ", c);-
979 dump_digest("key", digest, need);-
980#endif-
981 *keyp = digest;-
982 digest = NULL;-
983 r = 0;-
984 out:
code before this statement executed 1920 times by 1 test: out:
Executed by:
  • test_kex
1920
985 free(digest);-
986 ssh_digest_free(hashctx);-
987 return r;
executed 1920 times by 1 test: return r;
Executed by:
  • test_kex
1920
988}-
989-
990#define NKEYS 6-
991int-
992kex_derive_keys(struct ssh *ssh, u_char *hash, u_int hashlen,-
993 const struct sshbuf *shared_secret)-
994{-
995 struct kex *kex = ssh->kex;-
996 u_char *keys[NKEYS];-
997 u_int i, j, mode, ctos;-
998 int r;-
999-
1000 for (i = 0; i < NKEYS; i++) {
i < 6Description
TRUEevaluated 1920 times by 1 test
Evaluated by:
  • test_kex
FALSEevaluated 320 times by 1 test
Evaluated by:
  • test_kex
320-1920
1001 if ((r = derive_key(ssh, 'A'+i, kex->we_need, hash, hashlen,
(r = derive_ke...keys[i])) != 0Description
TRUEnever evaluated
FALSEevaluated 1920 times by 1 test
Evaluated by:
  • test_kex
0-1920
1002 shared_secret, &keys[i])) != 0) {
(r = derive_ke...keys[i])) != 0Description
TRUEnever evaluated
FALSEevaluated 1920 times by 1 test
Evaluated by:
  • test_kex
0-1920
1003 for (j = 0; j < i; j++)
j < iDescription
TRUEnever evaluated
FALSEnever evaluated
0
1004 free(keys[j]);
never executed: free(keys[j]);
0
1005 return r;
never executed: return r;
0
1006 }-
1007 }
executed 1920 times by 1 test: end of block
Executed by:
  • test_kex
1920
1008 for (mode = 0; mode < MODE_MAX; mode++) {
mode < MODE_MAXDescription
TRUEevaluated 640 times by 1 test
Evaluated by:
  • test_kex
FALSEevaluated 320 times by 1 test
Evaluated by:
  • test_kex
320-640
1009 ctos = (!kex->server && mode == MODE_OUT) ||
!kex->serverDescription
TRUEevaluated 320 times by 1 test
Evaluated by:
  • test_kex
FALSEevaluated 320 times by 1 test
Evaluated by:
  • test_kex
mode == MODE_OUTDescription
TRUEevaluated 160 times by 1 test
Evaluated by:
  • test_kex
FALSEevaluated 160 times by 1 test
Evaluated by:
  • test_kex
160-320
1010 (kex->server && mode == MODE_IN);
kex->serverDescription
TRUEevaluated 320 times by 1 test
Evaluated by:
  • test_kex
FALSEevaluated 160 times by 1 test
Evaluated by:
  • test_kex
mode == MODE_INDescription
TRUEevaluated 160 times by 1 test
Evaluated by:
  • test_kex
FALSEevaluated 160 times by 1 test
Evaluated by:
  • test_kex
160-320
1011 kex->newkeys[mode]->enc.iv = keys[ctos ? 0 : 1];-
1012 kex->newkeys[mode]->enc.key = keys[ctos ? 2 : 3];-
1013 kex->newkeys[mode]->mac.key = keys[ctos ? 4 : 5];-
1014 }
executed 640 times by 1 test: end of block
Executed by:
  • test_kex
640
1015 return 0;
executed 320 times by 1 test: return 0;
Executed by:
  • test_kex
320
1016}-
1017-
1018#ifdef WITH_OPENSSL-
1019int-
1020kex_derive_keys_bn(struct ssh *ssh, u_char *hash, u_int hashlen,-
1021 const BIGNUM *secret)-
1022{-
1023 struct sshbuf *shared_secret;-
1024 int r;-
1025-
1026 if ((shared_secret = sshbuf_new()) == NULL)
(shared_secret...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 280 times by 1 test
Evaluated by:
  • test_kex
0-280
1027 return SSH_ERR_ALLOC_FAIL;
never executed: return -2;
0
1028 if ((r = sshbuf_put_bignum2(shared_secret, secret)) == 0)
(r = sshbuf_pu... secret)) == 0Description
TRUEevaluated 280 times by 1 test
Evaluated by:
  • test_kex
FALSEnever evaluated
0-280
1029 r = kex_derive_keys(ssh, hash, hashlen, shared_secret);
executed 280 times by 1 test: r = kex_derive_keys(ssh, hash, hashlen, shared_secret);
Executed by:
  • test_kex
280
1030 sshbuf_free(shared_secret);-
1031 return r;
executed 280 times by 1 test: return r;
Executed by:
  • test_kex
280
1032}-
1033#endif-
1034-
1035-
1036#if defined(DEBUG_KEX) || defined(DEBUG_KEXDH) || defined(DEBUG_KEXECDH)-
1037void-
1038dump_digest(char *msg, u_char *digest, int len)-
1039{-
1040 fprintf(stderr, "%s\n", msg);-
1041 sshbuf_dump_data(digest, len, stderr);-
1042}-
1043#endif-
Source codeSwitch to Preprocessed file
Generated by Squish Coco 4.2.2